I want to verify my signature. My signature is a byte array. I use spongy castle
I get error :
"org.spongycastle.cms.CMSException: Malformed content."
This is my code:
String base64 = Base64.toBase64String(signedchallenge);
CMSSignedData cms = new CMSSignedData(Base64.decode(base64));
Store store = cms.getCertificates();
SignerInformationStore signers = cms.getSignerInfos();
Collection c = signers.getSigners();
I get error in line :
" CMSSignedData cms = new CMSSignedData(Base64.decode(base64));"
I also used this method for signed challenge generation. I did it in smart cart
Signature signature=Signature.getInstance(Signature.ALG_RSA_SHA_PKCS1,false);
signature.init(thePrivateKey,Signature.MODE_SIGN);
signLength=signature.sign(buffer,(short)(ISO7816.OFFSET_CDATA & 0xFF), inputlength, buffer, (short)(0));
apdu.setOutgoingAndSend((short)0,signLength);
According to javacard documentation
ALG_RSA_SHA_PKCS1
generates a 20-byte SHA digest, pads the digest according to the PKCS#1 (v1.5) scheme, and encrypts it using RSA
To verify the signature in Android side use this code
Signature sig = Signature.getInstance("SHA1withRSA");
sig.initVerify(publicKey);
sig.update(challenge);
boolean verifies = sig.verify(signedchallenge);
Where signedchallenge is the signature available on buffer
from (short)(ISO7816.OFFSET_CDATA & 0xFF)
to signLength
and challenge
is the original data to sign